On Smart Cards Security
Ilya O. Levin
D’Crypt Pte Ltd

Asiacrypt 2010
Common Beliefs
Obscure security tokens have security issues
An ISO-compliant smart card is more secure
than an obscure security token
Attacking smart cards is hard
Smart Cards
Physicalize cryptographic secrets by having
non-exportable objects (keys, PINs, etc.)
Schlumberger Cryptoflex
Cryptoflex Secrets
       Elementary Files with Read AC set to
                “Never Allowed”

0000      Cardholder Verification File (CHV1)
0001      Internal keys (DES, 3DES)
0011      External keys (AUT, DES, 3DES)
0012      RSA private keys (1012 – public)
0100      Cardholder Verification File (CHV2)
CHV File Format
Byte(s)   Description                            Length
1         File activation byte, LSB                    1
2-3       RFU                                          2
4-11      PIN value                                    8
12        Number of verification attempts allowed      1
13        Remaining verification attempt counter       1
14-21     Unblocking PIN value                         8
22        Number of unblocking attempts allowed (10)   1
23        Remaining unblocking attempt counter         1
Internal Key File Slot Format
Byte(s)        Description                               Length
1              RFU (!=0)                                    1
2              Key length or                                1
                      00 = last slot
                      01 = empty slot
3              Algorithm ID                                 1
                      00 = Single-length DES, 56-bit
                      02 = Double-length 3DES, 112-bit
4-11 or 4-19   Key value                                    8/16
12 or 20       RFU (!=0)                                    1
External Key File Slot Format
Byte(s)        Description                            Length
1              RFU                                         1
2              Key length or                               1
                      00 = last slot
                      01 = empty slot
3              Algorithm ID                                1
                      00 = Single-length DES, 56-bit
                      02 = Double-length 3DES, 112-bit
4-11 or 4-19   Key value                                   8/16
12 or 20       Number of verification attempts allowed     1
13 or 21       Remaining verification attempts counter     1
14 or 22       Next key data, starting from a key length
RSA 1024-bit Private Key File Format
Byte(s)   Description                               Length
1         Key block length, MSB = 01                   1
2         Key block length, LSB = 43h (323 bytes)      1
3         Key number                                   1
4-67      Public modulus secret prime factor P         64
68-131    Public modulus secret prime factor Q         64
132-195   Inverse of the factor P (a = Q^-1 mod P)     64
196-259   Private subexponent (c = Ks mod (P-1))       64
260-323   Private subexponent (f = Ks mod (Q-1))       64
…         …                                            …
EOF       00 00 00                                     3
Cryptoflex Authentication
CHV1      User PIN
CHV2      Admin PIN (optional)

AUT1      Transport Key (2nd slot of 3f00/0011)
          Still cannot read EFs with Never Allowed AC
Cryptoflex Authentication
We will skip the details of all related issues here
Assume CHV and AUT1 are known
Ask me offline if interested
Cryptoflex Secrets. The Fun Part
The non-exportable secrets are stored in the
elementary files
  We can bypass standard commands and modify content
  directly with Update Binary/Update Binary Enciphered

Elementary files are transparent, not linear
  We can modify anything in chunks of any size or one
  byte at a time at any offset
Cryptoflex Secrets. The Fun Part
How to extract the first 112-bit 3DES encryption
key from the Internal Key File?

1. Establish the card context and satisfy AC
2. Let E = DES_Block_Init(dummy)
3. for i in [4 … 19]
4.     for b in [0 … 255]
5.         Update the ith byte in EF 0001 with b
6.         if ( DES_Block_Init(dummy) ≡ E ) print b
Cryptoflex Secrets. The Fun Part
How to extract the first RSA-1024 private key?

  Same as a 3DES key.

  Use RSA Signature (Internal Auth) command instead of
  DES Block Init.

  Update bytes 4-67 in EF 0012 to recover the secret factor P
  and bytes 68-131 to recover the secret factor Q
Cryptoflex Secrets. The Fun Part
The PoC code recovers a 3DES key in ~5 min
  and a private RSA-1024 key in ~20 min
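
Added example, not from the original slides and not the author's PoC: a toy Python model of why "Read AC = Never Allowed" does not protect a key file that accepts byte-granular updates, next to a variant that refuses partial writes. `MockCard`, its methods, the `atomic_key_update` switch and the HMAC stand-in for the card's DES/RSA command are all assumptions; no real card commands are issued, and the refusal of partial writes is one possible mitigation, not a vendor fix.

```python
import hashlib
import hmac

# Slot layout from the "Internal Key File Slot Format" slide, 0-based here:
# byte 0 RFU, byte 1 key length, byte 2 algorithm ID, bytes 3..18 key, byte 19 RFU.
KEY_OFFSET = 3
KEY_LEN = 16


class MockCard:
    """Toy model (assumption) of a transparent key file: unreadable but updatable."""

    def __init__(self, key, atomic_key_update=False):
        if len(key) != KEY_LEN:
            raise ValueError("this model holds one double-length key")
        self._ef = bytearray([0x01, KEY_LEN, 0x02]) + bytearray(key) + bytearray([0x01])
        self.atomic_key_update = atomic_key_update
        self.updates = 0  # number of accepted writes, for cost accounting

    def read_binary(self, offset, length):
        # Read access condition on the key file: Never Allowed.
        raise PermissionError("Read AC: Never Allowed")

    def update_binary(self, offset, data):
        # Update AC is assumed satisfied (CHV/AUT1 known, as the slides assume).
        if offset < 0 or offset + len(data) > len(self._ef):
            raise ValueError("write outside the file")
        if self.atomic_key_update and (offset != 0 or len(data) != len(self._ef)):
            # Hardened variant: a key slot may only be replaced as a whole.
            raise PermissionError("partial update of a key file refused")
        self._ef[offset:offset + len(data)] = data
        self.updates += 1

    def crypt(self, challenge):
        # Stand-in for the card's keyed command (DES Block Init / RSA Signature).
        # HMAC-SHA256 is used only because it is in the standard library.
        key = bytes(self._ef[KEY_OFFSET:KEY_OFFSET + KEY_LEN])
        return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


def recover_key(card, challenge=b"\x00" * 8):
    """Per-byte comparison from the slides: the output only matches the
    reference when the byte just written equals the original key byte."""
    reference = card.crypt(challenge)
    recovered = bytearray()
    for offset in range(KEY_OFFSET, KEY_OFFSET + KEY_LEN):
        for candidate in range(256):
            card.update_binary(offset, bytes([candidate]))
            if card.crypt(challenge) == reference:
                # The correct byte is now back in place, so the next
                # position is tested against an intact key.
                recovered.append(candidate)
                break
        else:
            raise RuntimeError("no candidate matched at offset %d" % offset)
    return bytes(recovered)


def demo():
    key = bytes(range(0x10, 0x20))  # constructed sample key, not a real one

    weak = MockCard(key)
    leaked = recover_key(weak)

    hardened = MockCard(key, atomic_key_update=True)
    try:
        recover_key(hardened)
        blocked = False
    except PermissionError:
        blocked = True

    return {
        "leaked_matches_key": leaked == key,
        # At most 16 * 256 = 4096 writes, versus searching the whole key space.
        "writes_used": weak.updates,
        "hardened_blocks_partial_write": blocked,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With whole-slot replacement only, a write still lets the holder of the update credentials install a new key, but the card's output no longer confirms individual bytes of the old one.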
Cryptoflex Anamnesis
It is possible to recover cryptographic keys out
of “non-exportable” objects
Read access condition restrictions on key files
are irrelevant
“We do not consider this to be a security issue”
To conclude
Smart cards are not as perfect in real life as
we may believe
Poking smart cards is fun, no shiny hardware
required
We may need more public research in this area
Thank you
